# Allow everything but "meta".
*			/	rw,alldirs,maproot=0

# Allow "meta".
*			.	rw

# Line format:
#  [ip range] [path] [options]
# ip range:
#  * = any ip (same as 0.0.0.0/0)
#  A.B.C.D = given ip address
#  A.B.C.D-E.F.G.H = range of ip addresses
#  A.B.C.D/BITS = A.B.C.D network with BITS ones in netmask
#  A.B.C.D/E.F.G.H = A.B.C.D network with E.F.G.H netmask
# path:
#  . = special 'path' that means 'meta'
#  /... = path in mfs structure
# options:
#  ro/rw/readonly/readwrite = meaning is obvious
#  alldirs = any subdirectored can be mounted as root
#  dynamicip = ip is tested only during first authentication, then client can use the same session id from any ip
#  ignoregid = group id (gid) is not tested - important when you want to use auxilinary groups
#  canchangequota = manipulating quota values is allowed (quota is already implemented but will be enabled in version 1.7)
#  maproot=UID[:GID] = treat all root (user with uid equal to zero) operations as operations done by user with uid equal to UID and gid equal to GID (or default gid of this user)
#  mapall=UID[:GID} = like above but for all operations (for both options UID and/or GID can be specified as username or groupname existing on master machine)
#  password=TEXT = force authentication using given password
#  md5pass=MD5 = like above, but with password defined as it's MD5 hash (MD5 specified as 128-bit hexadecimal number)
#  minversion=VERS = allow only clients with version number equal or greater than VERS (VERS can be specified as X or X.Y or X.Y.Z)
#  mingoal=N = do not allow to set goal below N (N should be a digit from '1' to '9')
#  maxgoal=N = do not allow to set goal above N (N as above)
#  mintrashtime=TIMEDURATION = do not allow to set trashtime below TIMEDURATION (TIMEDURATION can be specified as number of seconds or combination of elements #W,#D,#H,#M,#S with given order)
#  maxtrashtime=TIMEDURATION = do not allow to set trashtime above TIMEDURATION (TIMEDURATION can be specified as above)
#
# Defaults:
#  readonly,maproot=999:999,mingoal=1,maxgoal=9,mintrashtime=0,maxtrashtime=4294967295
#
# TIMEDURATION examples:
#  2H = 2 hours
#  4h30M = 4 hours and 30 minutes (time units are case insensitive)
#  12w = 12 weeks
#  86400 = 86400 seconds = 1 day
#  11d13h46m40s = 1000000 seconds (defined in a little strage way as 11 days, 13 hours, 46 minutes and 40 seconds)
#  48H = 48 hours = 2 days (it is allowed to use any positive number with any time unit as long as calculated number of seconds do not overrun 4294967295)
#  30m12h = wrong definition (minutes before hours)
#  30m12 = wrong definition (12 without unit definition - only one, alone number is allowed without unit definition)
#  50000d = wrong definition (calculated number of seconds is 4320000000 which is greater than 4294967295)

# Some examples:

#  Users from any IP can mount root directory as a read-only file system. Local roots are mapped as users with uid:gid = 999:999.
#*			/	ro

#  Users from IP 192.168.1.0-192.168.1.255 can mount root directory as a standard read/write file system. Local roots are mapped as users with uid:gid = 999:999.
#192.168.1.0/24		/	rw

#  Users from IP 192.168.1.0-192.168.1.255 when give password 'passcode' can mount any subdirectory as a standard read/write file system. Local roots are left unmapped.
#192.168.1.0/24		/	rw,alldirs,maproot=0,password=passcode

#  Users from IP 10.0.0.0-10.0.0.5 when give password 'test' can mount 'test' subdirectory as a standard read/write file system. Local roots are mapped as 'nobody' users (usually uid=65534).
#10.0.0.0-10.0.0.5	/test	rw,maproot=nobody,password=test

#  Users from IP 10.1.0.0-10.1.255.255 can mount 'public' subdirectory as a standard read/write file system. All users are mapped as users with uid:gid = 1000:1000.
#10.1.0.0/255.255.0.0	/public	rw,mapall=1000:1000

#  Users from IP 10.2.0.0-10.2.255.255 can mount everything, but can't decrease trash time below 2 hours and 30 minutes and above 2 weeks
#10.2.0.0/16		/	rw,alldirs,maproot=0,mintrashtime=2h30m,maxtrashtime=2w
